<?php

/**
 * Profile is a page that allows a user/student to view their information
 * and allow the editting of information
 *
 * @Author Ryan Olson
 * @Version 1.0
 */

@session_start();
require_once 'shared-functions.php';
require_once 'session.php';
require_once 'masterpage.php';

//Make sure the student is logged in
if (!IsValidSession()) {
    header('Location: login.php?page=profile');
    exit();
}
else
{
    RefreshSession();
}

//Print out the master page

masterpage("My Profile");

$link = connect_db();
//If student
if (GetCurrentUserAccessLevel() == 1) {
    $query = "SELECT * FROM `User` INNER JOIN `Student` ON `Student`.`ID` = `User`.`UserID`
              WHERE `User`.`UserID` = '" . GetSessionUser() . "'";
}
else //if user
{
    $query = "SELECT * FROM `User`
              WHERE `UserID` = '" . GetSessionUser() . "'";
}
$info = mysql_query($query, $link);

if (!$info) {
    echo "Oops.. Something went wrong. please contact technical support.";
    exit();
}

$user = mysql_fetch_array($info);
?>
    <table cellpadding="5">
        <tr>
            <td colspan="2">
                <form action="edit-profile.php" method="post">
                    <input type="submit" value="Edit"/>
                </form>
            </td>
        </tr>

        <tr>
            <td>
                Id:
            </td>
            <td>
                <?php echo $user['UserId']; ?>
            </td>
        </tr>

        <tr>
            <td>
                Name:
            </td>
            <td>
                <?php echo $user['LastName'] . ", " . $user['FirstName'] . " " . $user['MiddleName']; ?>
            </td>
        </tr>

        <tr>
            <td>
                Username:
            </td>
            <td>
                <?php echo $user['UserName']; ?>
            </td>
        </tr>
        <tr>
            <td>
                Password:
            </td>
            <td>
                *********
            </td>
        </tr>

        <tr>
            <td>
                Email Address:
            </td>
            <td>
                <?php echo $user['EmailAddress']; ?>
            </td>
        </tr>
<?php
            if (GetCurrentUserAccessLevel() == 1) {
        echo'
                <tr>
                    <td>
                        School ID:
                    </td>
                    <td>
                        '. $user['SchoolID'] .'
                    </td>
                </tr>
				
				<tr>
					<td>
						NMC ID:
					</td>
					<td>
						'. $user['NMC_ID'] .'
					</td>
				</tr>
				
				<tr>
					<td>
						Address:
					</td>
					<td>
						' . $user['Address'] . ' ' . $user['City'] . ', ' . $user['Region'] . ' ' . $user['PostalAddress'] . ' ' . $user['Country'] . '
					</td>
				</tr>

				<tr>
					<td>
						Hometown:
					</td>
					<td>
						' . $user['Hometown'] . '
					</td>
				</tr>
				
				<tr>
					<td>
						Phone Number:
					</td>
					<td>
						' . $user['PhoneNumber'] . '
					</td>
				</tr>

				<tr>
					<td>
						Date of Birth:
					</td>
					<td>
						' . $user['DOB'] . '
					</td>
				</tr>

				<tr>
					<td>
						Program
					</td>';
        $query = "SELECT * FROM `Program` WHERE `ProgramID` = '" . $user['programID'] . "'";
        $programs = mysql_query($query, $link);

        if (!$programs) {
            echo 'Oops... something went wrong. Please contact technical support';
            exit();
        }
        $program = mysql_fetch_array($programs);
        echo "
					<td>
						" . $program['Name'] . ', ' . $program['Code'] . '-' .
                            str_pad($program['Semester'], 2, '0', STR_PAD_LEFT) . $program['Year'] . "
					</td>
				</tr>";
    }
        echo "</table>";
        endmasterpage();
        ?>

